From SDN to cloud, the transition to any modern technology requires careful management. This all starts in the data centre, where carefully chosen solutions can give the enterprise the best chance of success in terms of security.
Modern data centres are moving to sleeker, more agile designs. However, with new technologies and new environments comes the potential for security issues. Whether protecting from physical breaches or data leaks, creating a secure data centre is paramount. When creating or upgrading a data centre, IT professionals need to keep a few important points in mind in regard to staying safe.
Moving forward with new technologies inherently involves risk. To mitigate that risk, companies can start by becoming aware of existing problem areas before they address their need for new technologies. With that in mind, Stuart Hatto, CISSP, EMEAR Field Product Manager, Cisco Security, discusses potential pain points faced by technology enterprises. “The exponential increase in volume and complexity of data is putting a strain on the organisation’s existing technologies and IT budgets,” says Hatto. “This mix of structured and unstructured data adds to the complexity in a network’s infrastructure, since different technology stacks are required to handle the diversified types of information.”
This business-critical and sensitive information requires modern data centres to constantly evolve to meet the needs and expectations of the enterprise. Not least among these needs is security, which can pose a problem, as disruptive technologies such as cloud, virtual resources and BYOD are introduced.
Traditional data centres offered the benefit of security controls applied to each physical system. This meant that the most sensitive data could be physically separated and different levels of security applied to each accordingly. “This is no longer the case for next-generation data centres,” says Garreth Scott, Director of Sales, Credence Security. “Virtual resources cannot be compartmentalised in the same way and security controls can no longer be tied to physical resources. As capacity expands, data centre managers are forced to find new ways of securing critical data in an evolving threat landscape.”
Untethering data centres from their tangible and more easily secured physical sources proves to be one of the biggest challenges facing current IT enterprises. Tom O’Reilly, CTO, Turkey, Europe East, Middle East and Africa, VCE, explains one developing trend that seems to be addressing this new challenge to data security. “We are seeing more customers moving to converged infrastructure solutions in order to satisfy their application and business requirements,” O’Reilly explains. “These converged solutions reduce the risks of running your own data centre by providing secure engineered and manufactured systems. They provide a single point of management, a single support and a methodology for keeping the infrastructure up-to-date and compliant.”
Most industry experts agree there is an overall shift towards SDN. Along with its many benefits, SDN will further complicate security issues during this transition, requiring enterprises to stay vigilant to the increases in attack vectors and potential threats. Aditya Girish, Territory Manager Middle East, Koenig Solutions, explains why this shift towards SDN requires caution and a hard look at companies’ existing security policies.
“Because an SDN data centre is one where all infrastructure has been virtualised,” Girish says, “the management of that infrastructure is completely controlled by software that is driven by policies. Companies must analyse their existing security policies with scrutiny. Security threats continue to evolve in step with SDN’s potential, and enterprises will be required to analyse these new threats and create new effective policies to deal with these new threats.”
Nicolai Solling, Director of Technology Services, Help AG, points out the key areas that companies should pay attention to when securing SDN data centres. According to Solling, “Most of the security risks of SDN centre around visibility and control of the traffic within the hypervisor.” He also explains that companies should pay close attention to firewall capabilities, especially where virtualised networks are concerned. “Many firewall vendors today have firewall components that integrate directly to the hypervisor,” Solling explains, “but when you look closely at the features offered, there is a vast difference in features between physical and virtual designated firewalls.”
CIOs and data centre architects must build in proper security controls, policies and processes to address and mitigate these new security risks. Simon Mullis, Global Technical Lead, Strategic Alliances, FireEye, explains the need for an intelligent and nuanced response to security threats. “In a modern data centre,” Mullis explains, “CIOs need to be able to understand the severity and criticality of the thousands of security events hitting their SOC.” Once these threats are identified and understood, Mullis believes the next step is learning how to react.
“It isn’t enough to respond with a broad policy. We need to understand how to appropriately respond to an event and gauge whether or not it should be seen as a breach. It’s the matter of being tactical in response to security events, and targeting the specific characteristics of a particular campaign,” Mullis says.
Recent high-profile cyber-attacks point to the emergence of bad actors using targeted attacks against specific enterprises. This clearly raises the stakes in protecting data in transit, stored on active drives and after devices have been retired. Girish offers an effective solution to such attacks, explaining the need for data encryption. “Technology that makes it easier to encrypt stored data makes the process itself faster while mitigating the risk of a costly breach. Solutions such as self-encrypting drives (SED) are especially valuable in the highly dynamic environments of today’s data centres. Drives that leave the data centre without protection put business data at significant risk of being stolen, and even when the information is erased, there is a chance for recovery. SED technology ensures that even if an unauthorised entity gains access to the hardware, the stored data is unreadable.”
Even with the continued virtualisation of the modern data centre, it is important for enterprises to invest in and practice effective physical security measures as well. “It’s not all high-tech,” explains Scott. “Proper door locks, the quality of construction materials, power supply concepts and even environmental controls like water drains and pressure control are all important.”
Hatto also supports the need for physical security measures. “Attackers who can gain physical access to a computer can almost always take advantage of that access to further their efforts,” he says. “Any device connected to the network must be protected to ensure that it cannot be turned into a tool for an attacker. Location, surveillance and access controls are just a few measures that can help secure critical physical components of a data centre.”
In spite of a company’s best efforts, the truth is that attacks still happen. It is as important for an enterprise to have strong policies for recovering from attacks as it is to have policies for preventing them. Solling says, “The primary aspect of disaster recovery is keeping business going. This requires understanding business continuity requirements. It is important to map critical applications and assets, recovery time objectives and recovery point objectives, in order to respond and recover from an attack.”
The risks of developing technology can be great, but so can the benefits. With a solid understanding of problematic areas and a vigilant approach to security policies, CIOs can reach for the clouds with a certain degree of confidence.